Author: jmm Date: 2012-01-25 15:54:57 +0000 (Wed, 25 Jan 2012) New Revision: 18291 Modified: data/CVE/list Log: new wordpress issues suhosin fixed NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-01-25 09:14:28 UTC (rev 18290) +++ data/CVE/list 2012-01-25 15:54:57 UTC (rev 18291) @@ -7,15 +7,15 @@ CVE-2012-0907 (Directory traversal vulnerability in the web player in NeoAxis NeoAxis ...) TODO: check CVE-2012-0906 (SQL injection vulnerability in the Moviebase addon for deV!L''z ...) - TODO: check + NOT-FOR-US: deV!L''z Clanportal CVE-2012-0905 (SQL injection vulnerability in deV!L''z Clanportal (DZCP) Gamebase ...) - TODO: check + NOT-FOR-US: deV!L''z Clanportal CVE-2012-0904 (VLC media player 1.1.11 allows remote attackers to cause a denial of ...) TODO: check CVE-2012-0903 (Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Desktop ...) - TODO: check + NOT-FOR-US: Zimbra Desktop CVE-2012-0902 (AirTies Air 4450 1.1.2.18 allows remote attackers to cause a denial of ...) - TODO: check + NOT-FOR-US: AirTies Air CVE-2012-0901 (Cross-site scripting (XSS) vulnerability in yousaytoo.php in YouSayToo ...) TODO: check CVE-2012-0900 (Multiple cross-site scripting (XSS) vulnerabilities in Beehive Forum ...) @@ -210,7 +210,7 @@ [squeeze] - as31 <no-dsa> (The maintainer consider it a minor issue. Check comments in the bug report) CVE-2012-0807 [Suhosin extension "transparent cookie encryption buffer overflow"] RESERVED - - php-suhosin <unfixed> (bug #657190) + - php-suhosin 0.9.33-1 (bug #657190) NOTE: https://github.com/stefanesser/suhosin/commit/73b1968ee30f6d9d2dae497544b910e68e114bfa CVE-2012-0806 [bip: buffer overflow] RESERVED @@ -275,6 +275,8 @@ RESERVED CVE-2012-0782 RESERVED + - wordpress <unfixed> + NOTE: https://www.trustwave.com/spiderlabs/advisories/TWSL2012-002.txt CVE-2012-0781 (The tidy_diagnose function in PHP 5.3.8 might allow remote attackers ...) TODO: check CVE-2012-0780 
@@ -1766,8 +1768,12 @@ - activemq 5.5.0+dfsg-5 (bug #655495) CVE-2011-4899 RESERVED + - wordpress <unfixed> + NOTE: https://www.trustwave.com/spiderlabs/advisories/TWSL2012-002.txt CVE-2011-4898 RESERVED + - wordpress <unfixed> + NOTE: https://www.trustwave.com/spiderlabs/advisories/TWSL2012-002.txt CVE-2010-5081 (Stack-based buffer overflow in Mini-Stream RM-MP3 Converter 3.1.2.1 ...) NOT-FOR-US: Mini-Stream RM-MP3 Converter CVE-2009-5111 (GoAhead WebServer allows remote attackers to cause a denial of service ...)
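Review bot: In the @@ -210,7 hunk, the CVE-2012-0807 entry changes php-suhosin from <unfixed> to 0.9.33-1 but carries no release-specific line, unlike the as31 entry directly above it, which has a [squeeze] annotation. If the stable package contains the cookie-encryption code touched by the linked upstream commit, add a [squeeze] line stating its status, so that the unstable fix version is not the only information recorded for this issue.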
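Review bot: In the @@ -275,6 hunk, the new "- wordpress <unfixed>" line under CVE-2012-0782 has no bug reference, whereas other package lines in this file carry one, for example "(bug #657190)" on php-suhosin. File a bug against wordpress and append its number here, or record why none is needed, so the unfixed state can be followed up from the entry itself.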
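Review bot: In the @@ -1766,8 hunk, CVE-2011-4899 and CVE-2011-4898 receive the same two lines as CVE-2012-0782, all pointing at TWSL2012-002.txt, and all three are still RESERVED with no description. Nothing in the entries says which finding of the advisory each id covers. Add a bracketed summary after each id, in the style of "CVE-2012-0807 [Suhosin extension ...]", so the three issues can be told apart and triaged separately.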